General
Target: ExplorerBlurMica by VIN STAR.zip
Size: 109KB
Sample: 240629-ngb94szarn
MD5: d5ed3990c539fcbadb86a4b740b57e68
SHA1: f48a4755accd7d87bfe742d9111c1c7d2ecac28d
SHA256: 4f0afb62a9fdbb29421dd965640fbe4de1af3ac1206b2165fb3d54fffc1a95a5
SHA512: 8a211555be77efdeeeee6b45ab384d45a680e9a3978967dc8bffde72f25313ba4d07cb898876b393d9ede6073899996b490e3bb96f3cb0de8e241d037852f622
SSDEEP: 3072:MAO2RJcJmzn1DdPtq0ZpA78t+9CobJZkI5H/eWYxoTw:MAODYzVdDDTglbMg42w
Static task: static1

Behavioral task: behavioral1
  Sample: ExplorerBlurMica/Release/ExplorerBlurMica.dll
  Resource: win11-20240611-en

Behavioral task: behavioral2
  Sample: ExplorerBlurMica/Release/register.cmd
  Resource: win11-20240508-en

Behavioral task: behavioral3
  Sample: ExplorerBlurMica/Release/uninstall.cmd
  Resource: win11-20240611-en
Malware Config

Targets
Target: ExplorerBlurMica/Release/ExplorerBlurMica.dll
Size: 214KB
MD5: 6bbdd800a32fdbca2385e95214dcd4d3
SHA1: 93ef5e833904f2a7a2f2fea64671394f6b31c3ae
SHA256: 9d6f554604111405e48f7fdf0eba972bdde5e0a275d2e7dd66240681ea595344
SHA512: bdc0558007ae526c7b3fb89d3ef013ca95393336b3d7d52e4b0f20a7e556852d72be3e15e031a5c6d357d1ab04b4faaa137a0ad228d52046b9f65879fc254515
SSDEEP: 6144:ySjaVUOYSlu6vaDcUB4Sv75o7Dr1LrYGf:dUUOa4ho5o7DB
Score: 7/10

Signatures:
  Event Triggered Execution: Component Object Model Hijacking
    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  Drops file in System32 directory
Target: ExplorerBlurMica/Release/register.cmd
Size: 247B
MD5: e513f1f7f4eb1851973b281b0595f117
SHA1: 381e79bc136b3297cef997cc4df34538a1688b20
SHA256: 41f3089fb799635a8aa0ed059d491ca78f143f0f111a9b52a00c168eca9507ac
SHA512: 6d5d11592d871c52de76a30a9470b3933cd4e4531a7b77c73758fbe9269ac4635926d78d9f5178e26f5e25c4a0318e6cf0145a8c06affafcd626720a88abc27a
Score: 7/10

Signatures:
  Event Triggered Execution: Component Object Model Hijacking
    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
Target: ExplorerBlurMica/Release/uninstall.cmd
Size: 297B
MD5: d84e8b5fe4e5854bf299ed20f004264c
SHA1: 2ebabb73ef9af06c33ba1c8ce933ac83ef74f4be
SHA256: ef3dc2f1b06d6268e658120376a0be63e22ad2bf51a216c4fe6575fc0adcaba3
SHA512: b64e825a31fc1a1b9da740cb73f5cf4fc6c3ecae2b4163aa7a7c4d3afeca98c5543a48dcdfb75dc3bcbaced2699b3d4741f7fc0f3ece26d63630a3f1595f8b8a
Score: 8/10

Signatures:
  Boot or Logon Autostart Execution: Active Setup
    Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  Enumerates connected drives
    Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix (ATT&CK v13)

Persistence
  Event Triggered Execution (2)
    Component Object Model Hijacking (2)
  Browser Extensions (2)
  Boot or Logon Autostart Execution (1)
    Active Setup (1)

Privilege Escalation
  Event Triggered Execution (2)
    Component Object Model Hijacking (2)
  Boot or Logon Autostart Execution (1)
    Active Setup (1)